Monthly Archive: May 2019

Generate GoAccess report file daily via crontab

Problem: Want to generate GoAccess report file on website every day --

sudo cat /var/log/apache2/access.log | goaccess > /var/www/goaccess/index.html

above command although work in a normal case ( manually generate report in/var/www/goaccess/index.html ), for regular task like generate HTML reports in cron every day is not working -- above command put in cron file is not work and the file name is not in date format.

Solution: first ensure we let GoAccess know the datetime format setting for the report:

sudo vi ~/.goaccessrc

edit ~/.goaccessrc and fill with below code:

time-format %T
date-format %d/%b/%Y
log-format %h %^[%d:%t %^] "%r" %s %b "%R" "%u"

And then in the crontab file change GoAccess command with

sudo goaccess -p ~/.goaccessrc   /var/log/apache2/access.log -a -o /var/www/goaccess/`date +\%Y\%m\%d\%H\%M\%S`.html 

Remember set up the time expression, mine one is running at 5:55 am

55 5 * * * sudo goaccess -p ~/.goaccessrc   /var/log/apache2/access.log -a -o /var/www/goaccess/`date +\%Y\%m\%d\%H\%M\%S`.html 

the filename format will be like below image

Get an “… NO PUBKEY” message when enter apt-get update

The error message like below:

Err:12 bionic InRelease
The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 74A941BA219EC810

In normal case, enter sudo apt-key adv --keyserver<URL> --recv-keys <PUBKEY> command and replace the value. In this case, or is <URL> . 74A941BA219EC810 is <PUBKEY>

But sometimes you need to access the software official site to follow the instruction; Try google bionic InRelease then you can find this instruction

Enter below command to add the key

curl | gpg --import
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -

Fail2ban not block SSH fail attempts

In my /etc/fail2ban/jail.conf file:

enabled  = true
port     = ssh
filter   = sshd
logpath  = /var/log/auth.log
bantime  = -1
findtime  = 10m
maxretry = 5

So my Fail2ban should able to ban IP if the IP fails to attempt SSH 5 times within 10 minutes. But now Fail2ban not banning any IP

Solution: make sure Fail2ban service turned on

sudo fail2ban start
sudo fail2ban-client start</code></pre>

Then make sure /var/log/auth.log file exist in order to log the record

Finally restart rsyslog

sudo /etc/init.d/rsyslog restart